(iStock)

Why India's trojan menace will only increase

  • Almost three in four banks in Asia Pacific anticipate that fraud in their country will increase in 2019, said a new report by FICO
  • Cybersecurity continues to be a major issue in India with 76.3% of organizations hit by cyber attacks in the last year, a global survey from security firm Sophos corroborated

Bengaluru/New Delhi: On Tuesday, Indian IT service company Wipro Ltd. confirmed reports about a phishing attack on its IT systems even as it hired an independent forensic firm to assist with the investigation. The breach was first reported by cybersecurity portal KrebsOnSecurity, after it was brought to its attention by two sources on the condition of anonymity.

Only a day earlier, researcher John Page revealed that hackers can use an unpatched exploit in Internet Explorer (IE) to both spy on Windows users and steal their local data. In fact, email accounts across Microsoft’s Outlook, Hotmail and MSN services were left vulnerable for almost three months (1 January to 28 March) even as Microsoft said that only a “limited” number of people had their accounts compromised in the breach.

Wipro and Microsoft are only cases in point. The world over, individuals, companies and governments are being increasingly targeted as we get more digital with a rise in smartphones and more connected devices underscoring the internet of things (IoT) trend. India is no exception: cybersecurity continues to be a major issue in India with 76% of organizations hit by online attacks in the last year, as compared to 68% across the globe, according to a global survey from security firm Sophos early last month.

The survey added that 97% of IT managers admitted that security expertise is one of the greatest issues in India, and while 92% of Indian IT managers wish they had a stronger team in place to properly detect, investigate and respond to security incidents, 89% believe cyber security recruitment is a challenge.

Almost three in four banks in Asia Pacific anticipate that fraud in their country will increase in 2019, said a new report by FICO on Tuesday. Of specific concern are transactions completed when neither the card nor the cardholder is physically present (card-not-present or CNP fraud), as well as cards taken out by criminals under false identities (application fraud), the report added.

Cybersecurity continues to be a major issue in India with 76.3% of organizations hit by cyber attacks in the last year, as compared to 68% of organizations hit across the globe, a global survey from security firm Sophos corroborated. The report found that, on average, Indian organizations that investigate one or more potential security incidents each month spend 48 days a year (four days a month) investigating them.

On 13 March, security firm Seqrite--the enterprise arm of Quick Heal Technologies--said that in the second half of 2018, it detected close to 50 million threats targeting enterprises. This translates to around 186 detections every minute. These detections included known and unknown threats such as cryptojacking, ransomware, trojans, exploits, worms, infectors, potentially unwanted applications (PUAs), and adware. Further, commercial spyware programs called 'Stalkerware' are background-running apps installed on phones, which can be used to monitor and track device activity.

Newer threats become more prominent as older threats evolve. Researchers at Seqrite detected more than 15,000 cryptojacking hits a day on average, totalling more than 2.76 million detections. Further, with more than 2,000 detections on a daily basis, ransomware remained one of the most persistent threats deployed by cybercriminals.

The IT/ITeS industry was highlighted as the most targeted sector in the 'Seqrite Threat Report H2 2018', accounting for 27.83% of the total malware detections. Professional services followed close on its heels with a detection share of 24.43%, while manufacturing (17.70%) and education (11.08%) were also identified as at-risk industries.

Malware authors, according to the report, will leverage generic loopholes in data-intensive sectors such as healthcare, BFSI, and cloud services to sell well-organized APT attack vectors to prospective threat actors. There is also the possibility of advanced persistent threats (APTs) being deployed against specific nation-states, large organizations, government agencies, law enforcement systems, etc., the report concluded.

To be sure, it's not that companies are ignoring the issue. While Wipro has hired an independent forensic firm, on 13 March Infosys said it plans to open a new Cyber Defence Center in Bucharest "this summer". The Center will provide cybersecurity services to help European and global clients progress on their digital transformation journey. Services include cyber forensics, ethical hacking, security analytics, threat detection and response.

Healthcare companies are another major concern area. Through new software, companies have developed voice tools capable of handling patient information covered under the U.S. Health Insurance Portability and Accountability Act (HIPAA).

According to Adam Levin, Founder of CyberScout and author of "Swiped", "Alexa is now making house calls and a treasure trove of medical data is being stored by this virtual assistant with major privacy and security implications. PHI or Protected Healthcare Information is a prime target for hackers who can use the data in a host of identity theft schemes or sell it on the dark web. There have already been reports of Alexa going rogue and recording private conversations and then sharing that information with contacts. What if the device shared confidential medical data?" These new technical advances may make our lives easier, acknowledges Levin, but he cautions that as we see a greater pivot to privacy with GDPR and the fact that breaches have become the third certainty in life, "convenience should never trump consumer privacy and security".

As cybercriminals employ automation and machine learning to propagate attacks, security organizations need to do the same to combat these advanced methods, experts suggest.

“While detection and response are integral components of cybersecurity defense, the current model of disjointed standalone products leaves organizations with blind spots and conflicting data,” said Lee Klarich, chief product officer at Palo Alto Networks. He concluded, “We believe the only way to solve this is with best-in-class prevention, combined with the ability to normalize and analyze data at scale from as many sources as possible, applying AI and machine learning to automatically detect and quickly respond to threats.”

